As examples of such transactions, internet mail-order purchases form an increasingly important sector within the retail economy and are usually conducted by customers entering relevant details, such as credit card number, name etc, on a form-page of a vendor's website. Alternatively it is possible to rely on the vendor having stored those details from a previous transaction, so as to simplify subsequent purchases from that customer.
Security is of paramount importance in conducting such transactions, since access to the account details of a legitimate customer can be exploited for fraudulent purposes such as the manufacture of fake cards etc. If account details are transmitted over internet connections in an unencrypted form, an eavesdropper with access to an intermediate router can access these sensitive details. Alternatively, fake “look-alike” websites can lure innocent customers into providing their account details in the belief that they are communicating with a reputable vendor. Finally, it is not unusual for the web-servers of legitimate traders to become the subject of attacks, as a result of which databases of previously stored account details can be compromised.
To guard against many of these attacks, web-traders commonly employ Secure Sockets Layer (SSL)-protected servers. These address some, but not all, of the security threats by encrypting communications between the customer and the web-server, and also serve to ensure that the web-server must present a digital certificate which associates its identity with a cryptographic public key.
However, even when using the SSL protocol, some threats remain. For example, rogue processes running on a customer's PC or other terminal device can act so as to harvest card details and transmit them to an attacker. Such danger arises particularly if the customer's device does not have adequate firewall software which monitors outgoing traffic. Also, most users, unfamiliar with digital certificates and how to check them, and with network security etc. in general, can still be fooled, by disguised URLs etc., into believing that they are communicating with a reputable vendor rather than an attacker's website.
It is also noted that many customers find the process of entering details on web-forms confusing and error prone, and the invention serves to ease these difficulties also.
From published International patent application WO-A-02/05476 there is known a system of cross-authenticating digital identities employing a cryptographic process used to authenticate the identity of the “key” held in the customer's card.
However, such an arrangement is not relevant to the manner in which e-commerce services are currently provided.
That is, currently, when a customer uses a web browser to access a “sales” website presented by an e-commerce server, the customer and device are anonymous to the server. An SSL connection is set up between the browser in the PC or other terminal device used by the customer and the server. The customer can, by using the SSL protocol, verify the authenticity of the server because it is part of a Public Key Infrastructure (PKI) and the server presents a certificate which chains back to a root certificate stored in the customer (client) browser. The customer's device can then choose a random value, send it to the server encrypted under the server's certified public key, and use it as a basis for the computation of symmetric keys used to provide confidentiality and integrity of the information that the customer wishes to send to the server.
As far as the e-commerce server is concerned, this information has come from an anonymous source, and the vendor then seeks authorisation from the credit card company based on creditworthiness, card validity, security checks on supplied billing address etc. However, no steps have been taken to authenticate the source of the information by either user authentication or device authentication. The authorisation process is arranged simply to check that it looks like a valid order.
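The key computation and the anonymity point described in the two paragraphs above can be illustrated as follows. This is an added example, not part of the original text: it assumes the client's random value has already reached the server under RSA, it uses the TLS 1.2 pseudo-random function (RFC 5246) as a stand-in for SSL's older derivation, it omits record encryption, and all names and sample values are constructed.

```python
import hashlib
import hmac
import os


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 expansion function from RFC 5246, section 5."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def derive_keys(premaster: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Expand the client's random value into per-direction MAC and encryption keys."""
    master = p_sha256(premaster, b"master secret" + client_random + server_random, 48)
    block = p_sha256(master, b"key expansion" + server_random + client_random, 96)
    keys, pos = {}, 0
    for name, size in (("client_mac", 32), ("server_mac", 32),
                       ("client_enc", 16), ("server_enc", 16)):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys


def protect(mac_key: bytes, seq: int, payload: bytes) -> bytes:
    """Append an integrity tag covering the record sequence number and payload."""
    tag = hmac.new(mac_key, seq.to_bytes(8, "big") + payload, hashlib.sha256).digest()
    return payload + tag


def verify(mac_key: bytes, seq: int, record: bytes):
    """Return the payload if the tag is valid, otherwise None."""
    payload, tag = record[:-32], record[-32:]
    good = hmac.new(mac_key, seq.to_bytes(8, "big") + payload, hashlib.sha256).digest()
    return payload if hmac.compare_digest(tag, good) else None


if __name__ == "__main__":
    # Constructed values; the RSA transport of `premaster` is assumed to have happened.
    premaster, c_rand, s_rand = os.urandom(48), os.urandom(32), os.urandom(32)
    client = derive_keys(premaster, c_rand, s_rand)
    server = derive_keys(premaster, c_rand, s_rand)
    order = b"card=TEST-0000-0000-0000;name=CONSTRUCTED"
    record = protect(client["client_mac"], 0, order)
    # The server accepts the record, yet nothing in it identifies the customer or device.
    print(verify(server["client_mac"], 0, record) == order)
    print(verify(server["client_mac"], 0, b"X" + record[1:]))  # tampered record
```

A valid tag shows only that the record came from whoever completed this handshake, which is the gap the text identifies: the server has authenticated itself, but neither the user nor the device has been authenticated.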